The widespread use and increasing development of the Internet has allowed exchanges of information in ways previously not possible. For example, the Internet has allowed social networking to now be made available online. Users can now publish information, e.g., their name, school, metropolitan groups, events, activities, interests, pictures, etc. For example, users may now publish their recent pictures from their last vacation to a particular photo sharing web site. Users may enable data feeds for the activities they have published online. Data feeds allow custom applications to read and interact with that data.
Data feed is generally referred to as a content aggregation technology that enables online users to read and aggregate public content in a standard format. The standard format may include really simply syndication (RSS) and ATOM. Unfortunately, a public data feed, e.g., conventional RSS and ATOM, generally does not enable a user to selectively control publication of private information. For example, a public data feed does not have the ability to enforce access control to a particular group of people. As a result, data feeds in general expose data that are only publicly available.
Moreover, conventional standard protocols are unable to authenticate a user against the services that provide data feeds. In other words, conventional standard formats are public. Thus, users are provided with very limited control for publishing data and content because of lack of open authentication standard and inability to authenticate and authorize users. As a result, private data is virtually inaccessible by feed readers due to lack of open authentication standards. Moreover, users have very limited control over selectively publishing private information.
Some conventional methods may facilitate a basic authentication form with some limitations. For example, a user may provide a username and a password in order to be authenticated. Unfortunately, authentication by requiring the user to enter a username and a password each time that the user wishes to access private data is not only manual but also laborious and redundant since the user that has already been properly authenticated should be able to access the same data without repeating the same process. Moreover, authentication mechanisms supported by feed clients are not secure since usernames and passwords are transmitted in plain text over the server, thereby increasing the security risk to a user account.
Furthermore, the basic authentication described above is nontransferable between devices and is thereby limited to one device. For example, a user utilizing a laptop may be required to enter a username and a password if the user wishes to access private information, e.g., pictures from a recent trip. However, the user may also be required to enter the username and the password again for accessing the same information using a different device, e.g., electronic picture frame. Thus, the basic authentication is nontransferable between devices.
Generally, when a user logs out, the private information becomes inaccessible to that user. Unfortunately, requiring the user to be constantly logged on in order to access private information is not only inconvenient but it poses an account security risk. For example, a user is required to be logged on if the user wishes to display pictures that need authentication on an electronic picture frame. Moreover, a picture frame feed reader does not provide a mechanism by which to provide authentication to a data service. As a result, the user's account is exposed to public since the user remains logged on for displaying pictures.